You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2014/08/20 20:58:48 UTC
svn commit: r1619206 - in /tomee/tomee/trunk/container/openejb-core/src:
main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java
Author: rmannibucau
Date: Wed Aug 20 18:58:48 2014
New Revision: 1619206
URL: http://svn.apache.org/r1619206
Log:
OPENEJB-2102 correct path decoding for login.config
Added:
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
Modified: tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java?rev=1619206&r1=1619205&r2=1619206&view=diff
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java (original)
+++ tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java Wed Aug 20 18:58:48 2014
@@ -21,13 +21,12 @@ import org.apache.openejb.core.security.
import org.apache.openejb.core.security.jacc.BasicJaccProvider;
import org.apache.openejb.loader.SystemInstance;
import org.apache.openejb.util.ConfUtils;
+import org.apache.xbean.finder.archive.FileArchive;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import java.io.UnsupportedEncodingException;
import java.net.URL;
-import java.net.URLDecoder;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
@@ -68,12 +67,7 @@ public class SecurityServiceImpl extends
}
final URL loginConfig = ConfUtils.getConfResource("login.config");
-
- try {
- System.setProperty("java.security.auth.login.config", URLDecoder.decode(loginConfig.toExternalForm(), "UTF8"));
- } catch (final UnsupportedEncodingException e) {
- System.setProperty("java.security.auth.login.config", URLDecoder.decode(loginConfig.toExternalForm()));
- }
+ System.setProperty("java.security.auth.login.config", FileArchive.decode(loginConfig.toExternalForm()));
}
@Override
Added: tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java?rev=1619206&view=auto
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java (added)
+++ tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/SecurityServiceImplTest.java Wed Aug 20 18:58:48 2014
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import org.apache.openejb.util.ArrayEnumeration;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.lang.reflect.Method;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.util.Enumeration;
+import java.util.concurrent.atomic.AtomicReference;
+
+import static java.util.Arrays.asList;
+import static org.junit.Assert.assertEquals;
+
+public class SecurityServiceImplTest {
+ @Test
+ public void plusInPath() throws Exception {
+ final AtomicReference<String> path = new AtomicReference<>();
+ final ClassLoader jaasLoader = new URLClassLoader(new URL[0]) {
+ @Override
+ public Enumeration<URL> getResources(final String name) throws IOException {
+ return new ArrayEnumeration(asList(new URL("file:/tmp/jaas/folder+with+plus/login.config")));
+ }
+ };
+ Thread.currentThread().setContextClassLoader(jaasLoader);
+ try {
+ final Method mtd = SecurityServiceImpl.class.getDeclaredMethod("installJaas");
+ mtd.setAccessible(true);
+ mtd.invoke(null);
+ final String config = System.getProperty("java.security.auth.login.config");
+ assertEquals("file:/tmp/jaas/folder+with+plus/login.config", config);
+ } finally {
+ Thread.currentThread().setContextClassLoader(jaasLoader.getParent());
+ }
+ }
+}